Skip to content

Commit 73f7359

Browse files
kzalyskzalys
authored
feat: Review role permissions (#139)
* feat: Review role permissions * feat: Provide access to GetAuthorizedResources to all users
1 parent 3d70819 commit 73f7359

File tree

2 files changed

+15
-11
lines changed

2 files changed

+15
-11
lines changed

config/role/role.yaml

Lines changed: 14 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,21 +1,24 @@
11
role:
2-
# TODO: review permissions for roles after Auth System V2 is finished (https://github.com/unicsmcr/hs_auth/issues/81)
32
unverified:
43
- "hs:hs_auth:frontend:EmailUnverifiedPage"
54
- "hs:hs_auth:frontend:EmailUnverifiedPageComponents"
65
- "hs:hs_auth:frontend:VerifyEmailResend"
6+
- "hs:hs_auth:api:v2:ResendEmailVerification?path_id=me"
7+
- "hs:hs_auth:api:v2:GetAuthorizedResources"
78
applicant:
89
- "hs:hs_auth:frontend:ProfilePage"
910
- "hs:hs_auth:frontend:ProfilePageComponents:Default"
1011
- "hs:hs_auth:frontend:ProfilePageComponents:TeamPanel"
1112
- "hs:hs_auth:frontend:CreateTeam"
1213
- "hs:hs_auth:frontend:JoinTeam"
1314
- "hs:hs_auth:frontend:LeaveTeam"
14-
- "hs:hs_auth:api:v2:Register"
1515
- "hs:hs_auth:api:v2:GetUser?path_id=me"
16-
- "hs:hs_auth:api:v2:Login"
16+
- "hs:hs_auth:api:v2:GetUsers?query_team=me"
1717
- "hs:hs_auth:api:v2:CreateTeam"
18+
- "hs:hs_auth:api:v2:SetTeam?path_id=me"
19+
- "hs:hs_auth:api:v2:RemoveFromTeam?path_id=me"
1820
- "hs:hs_auth:api:v2:GetTeam?path_id=me"
21+
- "hs:hs_auth:api:v2:GetAuthorizedResources"
1922
- "hs:hs_apply:apply"
2023
attendee:
2124
- "hs:hs_auth:frontend:ProfilePage"
@@ -24,21 +27,22 @@ role:
2427
- "hs:hs_auth:frontend:CreateTeam"
2528
- "hs:hs_auth:frontend:JoinTeam"
2629
- "hs:hs_auth:frontend:LeaveTeam"
27-
- "hs:hs_auth:api:v2:Register"
2830
- "hs:hs_auth:api:v2:GetUser?path_id=me"
29-
- "hs:hs_auth:api:v2:Login"
31+
- "hs:hs_auth:api:v2:GetUsers?query_team=me"
3032
- "hs:hs_auth:api:v2:CreateTeam"
33+
- "hs:hs_auth:api:v2:SetTeam?path_id=me"
34+
- "hs:hs_auth:api:v2:RemoveFromTeam?path_id=me"
3135
- "hs:hs_auth:api:v2:GetTeam?path_id=me"
36+
- "hs:hs_auth:api:v2:GetAuthorizedResources"
3237
- "hs:hs_apply:apply"
3338
- "hs:hs_hub"
3439
volunteer:
3540
- "hs:hs_auth:frontend:ProfilePage"
3641
- "hs:hs_auth:frontend:ProfilePageComponents:Default"
37-
- "hs:hs_auth:api:v2:Register"
38-
- "hs:hs_auth:api:v2:GetUser?path_id=me"
39-
- "hs:hs_auth:api:v2:Login"
40-
- "hs:hs_auth:api:v2:CreateTeam"
41-
- "hs:hs_auth:api:v2:GetTeam?path_id=me"
42+
- "hs:hs_auth:api:v2:GetUser"
43+
- "hs:hs_auth:api:v2:GetUsers"
44+
- "hs:hs_auth:api:v2:GetTeams"
45+
- "hs:hs_auth:api:v2:GetAuthorizedResources"
4246
- "hs:hs_apply:apply"
4347
- "hs:hs_hub"
4448
- "hs:hs_apply:review"

routers/api/v2/router.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -77,7 +77,7 @@ func (r *apiV2Router) RegisterRoutes(routerGroup *gin.RouterGroup) {
7777
usersGroup.PUT("/:id/role", r.authorizer.WithAuthMiddleware(r, r.SetRole))
7878
usersGroup.PUT("/:id/permissions", r.authorizer.WithAuthMiddleware(r, r.SetSpecialPermissions))
7979
usersGroup.PUT("/:id/password", r.authorizer.WithAuthMiddleware(r, r.SetPassword))
80-
usersGroup.GET("/:id/password/resetEmail", r.authorizer.WithAuthMiddleware(r, r.GetPasswordResetEmail))
80+
usersGroup.GET("/:id/password/resetEmail", r.GetPasswordResetEmail)
8181
usersGroup.PUT("/:id/email/verify", r.authorizer.WithAuthMiddleware(r, r.VerifyEmail))
8282
usersGroup.GET("/:id/email/verify", r.authorizer.WithAuthMiddleware(r, r.ResendEmailVerification))
8383

0 commit comments

Comments
 (0)